17.4. Server Settings

The Server tab allows you to configure basic server
settings. The default settings for these options are appropriate for
most situations.

Figure 17-10. Server Configuration

The Lock File value corresponds to the LockFile
directive. This directive sets the path to the lockfile used
when the server is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
USE_FLOCK_SERIALIZED_ACCEPT. The lockfile must be stored on the local
disk. Leave it at the default value unless the
logs directory is located on an NFS share. In
that case, change the value to a location on
the local disk, in a directory that is readable only by root.

The PID File value corresponds to the PidFile
directive. This directive sets the file in which the server records
its process ID (pid). This file should only be readable by root. In
most cases, it should be left at the default value.

The Core Dump Directory value corresponds to the
CoreDumpDirectory
directive. The Apache HTTP Server tries to switch to this directory before
executing a core dump. The default value is the
ServerRoot. However, if the user that the server runs
as cannot write to this directory, the core dump cannot be
written. If you want core dumps written to disk for debugging
purposes, change this value to a directory writable by the user the
server runs as.

The User value corresponds to the User
directive. It sets the userid used by the server to answer
requests. This user's settings determine the server's access. Any files
inaccessible to this user are also inaccessible to your website's
visitors. The default for User is apache.

The user should have only the privileges it needs to access files that
are supposed to be visible to the outside world. The user is also the
owner of any CGI processes spawned by the server. The user should not
be allowed to execute any code that is not intended to run in response
to HTTP requests.

Warning

Unless you know exactly what you are doing, do not set the
User directive to root. Using root as the
User creates large security holes for your Web
server.

The parent httpd process first runs as root during
normal operations, but is then immediately handed off to the apache
user. The server must start as root because it needs to bind to a port
below 1024. Ports below 1024 are reserved for system use, so they cannot
be used by anyone but root. Once the server has attached itself to its
port, however, it hands the process off to the apache user before it
accepts any connection requests.

The Group value corresponds to the Group
directive. The Group directive is similar to the
User directive. Group sets
the group under which the server answers requests. The default
group is also apache.
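
The recommendations in this section can be checked against a configuration file from the shell. The script below is an added example, not part of the original documentation or of the Apache HTTP Configuration Tool. The function names and the sample configuration are made up for illustration, and it assumes that relative LockFile and PidFile paths are resolved against ServerRoot.

```shell
#!/bin/sh
# Last value set for a directive; names are case-insensitive, comments skipped.
directive_value() {  # $1 = config file, $2 = directive name
    awk -v d="$2" 'tolower($1) == tolower(d) { v = $2 }
                   END { gsub(/"/, "", v); print v }' "$1"
}

# Group and other permission bits of a path, e.g. "r-xr-x" or "------".
go_bits() { ls -ld "$1" 2>/dev/null | cut -c5-10; }

# Value of a path directive, resolved against ServerRoot when relative.
path_value() {  # $1 = config file, $2 = directive name
    p=$(directive_value "$1" "$2")
    case "$p" in ''|/*) ;; *) p="$(directive_value "$1" ServerRoot)/$p" ;; esac
    echo "$p"
}

# Print one finding per line; print nothing when every check passes.
audit_httpd_conf() {  # $1 = config file
    for d in User Group; do
        v=$(directive_value "$1" "$d")
        case "$v" in root|'#0') echo "$d is $v: the server would answer requests with root privileges" ;; esac
    done
    lock=$(path_value "$1" LockFile)
    if [ -n "$lock" ]; then
        dir=$(dirname "$lock"); bits=$(go_bits "$dir")
        [ "$bits" = "------" ] || echo "LockFile directory $dir: group/other bits are '${bits:-unreadable}', expected '------'"
    fi
    pid=$(path_value "$1" PidFile)
    if [ -n "$pid" ] && [ -e "$pid" ]; then
        bits=$(go_bits "$pid")
        [ "$bits" = "------" ] || echo "PidFile $pid: group/other bits are '$bits', expected '------'"
    fi
    return 0
}

# Demo on a constructed configuration (all values made up for illustration).
demo() {
    t=$(mktemp -d); mkdir -m 755 "$t/shared"
    printf '%s\n' "ServerRoot $t" 'User root' 'Group apache' \
        'LockFile shared/accept.lock' > "$t/httpd.conf"
    audit_httpd_conf "$t/httpd.conf"; rm -rf "$t"
}
demo
```

The script checks only permission bits. Confirming that root owns the lockfile directory and the PID file is a separate check against the owner column of `ls -ld`.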